Apple this year patched a twenty-year-old bug that gave hackers full access to any Mac.
According to a new report from Wired, vulnerability researcher Joshua Hill discovered at bug twenty years ago, and Apple just recently patched it. Hill first discovered the bug back in 1999. He owned a Mac Performa at the time, and to get online, he needed a modem, which he traded a holographic Han Solo trading card with his friend for, naturally.
The bug basically allowed an attacker to gain full access and control of any Mac, and Hill found out about the exploit when he was using an Apple service called Remote Access, which allowed users to control one’s computer from a phone or another computer remotely without the need of any password. The hack was achieved using a common method of attack called a buffer overflow.
“The flaw could have potentially been exploited by an attacker to get persistent, remote root access to any Mac, meaning full access and control,” reads the report. “This isn’t as bad as it sounds, though, Hill says. The specific exploit string he developed only works on certain generations of OS X and macOS and Apple has added protections since 2016’s macOS Sierra that made the bug prohibitively difficult (though still not technically impossible) to exploit in practice. And since Apple operating system adoption rates are always high, there isn’t a significant population of truly retro Mac software out there to target.”
Two decades later, Hill realized while he was studying the current macOS that much of the old modem configurations still form the foundation of the network tools in Mac operating systems today. Applying a slightly modified modern revamp of his old hack, the vulnerability researcher was able to recreate the exploit and gain access to other Macs with full root access.
He shared his findings with the world, and Apple subsequently patched the 20-year-old bug this April. He’s now presenting the bug at the Objective by the Sea Mac security conference in Monaco on Sunday.